PHP Web Form Hash Collision Denial Of Service Vulnerability

Bugtraq ID: 51193
Class: Failure to Handle Exceptional Conditions
CVE: CVE-2011-4885
Remote: Yes
Local: No
Published: Dec 29 2011 12:00AM
Updated: Aug 19 2013 08:17AM
Credit: Alexander Klink and Julian Waelde
Vulnerable: Turbolinux Client 2008
Turbolinux Appliance Server 3.0 x64
Turbolinux Appliance Server 3.0
SuSE SUSE Linux Enterprise Server for VMware 11 SP1
+ Linux kernel 2.6.5
SuSE SUSE Linux Enterprise Server 11 SP2
+ Linux kernel 2.6.5
SuSE SUSE Linux Enterprise Server 11 SP1
SuSE SUSE Linux Enterprise Server 10 SP4
SuSE SUSE Linux Enterprise Server 10 SP3 LTSS
SuSE SUSE Linux Enterprise SDK 11 SP2
SuSE SUSE Linux Enterprise SDK 11 SP1
SuSE SUSE Linux Enterprise SDK 10 SP4
RedHat Enterprise Linux WS 4
RedHat Enterprise Linux ES 4
RedHat Enterprise Linux Desktop Workstation 5 client
RedHat Enterprise Linux Desktop version 4
Red Hat Fedora 16
Red Hat Fedora 15
Red Hat Enterprise Linux Workstation Optional 6
Red Hat Enterprise Linux Workstation 6
Red Hat Enterprise Linux Server Optional 6
Red Hat Enterprise Linux Server 6
Red Hat Enterprise Linux HPC Node Optional 6
Red Hat Enterprise Linux HPC Node 6
Red Hat Enterprise Linux Desktop Optional 6
Red Hat Enterprise Linux AS 4
Red Hat Enterprise Linux 5 Server
PHP PHP 5.3.8
PHP PHP 5.3.7
PHP PHP 5.3.6
PHP PHP 5.3.6
PHP PHP 5.3.5
PHP PHP 5.3.2
PHP PHP 5.3.1
PHP PHP 5.3
PHP PHP 5.2.17
PHP PHP 5.2.15
PHP PHP 5.2.13
PHP PHP 5.2.12
PHP PHP 5.2.11
PHP PHP 5.2.10
PHP PHP 5.2.9 -2
PHP PHP 5.2.9
PHP PHP 5.2.8
PHP PHP 5.2.7
PHP PHP 5.2.6
PHP PHP 5.2.5
PHP PHP 5.2.4
PHP PHP 5.2.3
PHP PHP 5.2.2
PHP PHP 5.2.1
+ Ubuntu Ubuntu Linux 7.04 sparc
+ Ubuntu Ubuntu Linux 7.04 powerpc
+ Ubuntu Ubuntu Linux 7.04 i386
+ Ubuntu Ubuntu Linux 7.04 amd64
PHP PHP 5.1.6
PHP PHP 5.1.5
PHP PHP 5.1.4
PHP PHP 5.1.3 -RC1
PHP PHP 5.1.3
PHP PHP 5.1.2
PHP PHP 5.1.1
PHP PHP 5.1
PHP PHP 5.0.5
PHP PHP 5.0.4
PHP PHP 5.0.3
PHP PHP 5.0.2
PHP PHP 5.0.1
PHP PHP 5.0 candidate 3
PHP PHP 5.0 candidate 2
PHP PHP 5.0 candidate 1
PHP PHP 5.0 .0
PHP PHP 5.3.5
PHP PHP 5.3.4 RC1
PHP PHP 5.3.4
PHP PHP 5.3.3
PHP PHP 5.2.14
PHP PHP 5.2
Oracle Secure Backup 10.3.0.3
Oracle Enterprise Linux 6.2
Oracle Enterprise Linux 6
Oracle Enterprise Linux 5
Oracle Enterprise Linux 4
Mandriva Linux Mandrake 2011 x86_64
Mandriva Linux Mandrake 2011
Mandriva Linux Mandrake 2010.1 x86_64
Mandriva Linux Mandrake 2010.1
MandrakeSoft Enterprise Server 5 x86_64
MandrakeSoft Enterprise Server 5
HP System Management Homepage 7.0
HP System Management Homepage 6.3
HP System Management Homepage 6.2
HP System Management Homepage 6.1
HP System Management Homepage 6.0
HP OpenVMS Secure Web Server 7.3 -2
HP OpenVMS Secure Web Server 7.3 -1
HP OpenVMS Secure Web Server 7.3
HP OpenVMS Secure Web Server 7.2 -2
HP OpenVMS Secure Web Server 1.2
HP OpenVMS Secure Web Server 1.1 -1
HP OpenVMS Secure Web Server 2.2
HP OpenVMS Secure Web Server 2.1-1
HP HP-UX Web Server Suite 3.21
HP HP-UX Web Server Suite 3.18
HP HP-UX Web Server Suite 3.17
HP HP-UX Web Server Suite 3.15
HP HP-UX Web Server Suite 3.14
HP HP-UX Web Server Suite 3.13
HP HP-UX Web Server Suite 3.12
HP HP-UX Web Server Suite 3.10
Gentoo Linux
F5 FirePass 6.0.3
F5 FirePass 6.0.2
F5 FirePass 6.0.1
F5 FirePass 7.0
F5 FirePass 6.1
F5 FirePass 6.0.2.3
F5 FirePass 6.0
F5 BigIP WAN Optimization Module 10.1
F5 BigIP WAN Optimization Module 10.0.1
F5 BigIP WAN Optimization Module 10.0
F5 BigIP PSM 10.1
F5 BigIP PSM 10.0.1
F5 BigIP PSM 10.0
F5 BigIP Local Traffic Manager (LTM) 10.2.1 HF2
F5 BigIP Local Traffic Manager (LTM) 10.1
F5 BigIP Local Traffic Manager (LTM) 10.0.1
F5 BigIP Local Traffic Manager (LTM) 10.0
F5 BigIP Link Controller 10.1
F5 BigIP Link Controller 10.0.1
F5 BigIP Link Controller 10.0
F5 BigIP Global Traffic Manager (GTM) 10.1
F5 BigIP Global Traffic Manager (GTM) 10.0.1
F5 BigIP Global Traffic Manager (GTM) 10.0
F5 BigIP Edge 10.1
F5 BigIP Application Security Manager (ASM) 10.1
F5 BigIP Application Security Manager (ASM) 10.0.1
F5 BigIP Application Security Manager (ASM) 10.0
F5 BigIP APM 10.1
F5 BIG-IP Protocol Security Manager 10.1
F5 BIG-IP Protocol Security Manager 10.0.1
F5 BIG-IP Protocol Security Manager 10.0
F5 BIG-IP Application Security Manager 10.2.2
F5 BIG-IP Application Security Manager 10.2
F5 BIG-IP Application Security Manager 10.1
F5 BIG-IP Application Security Manager 10.0.1
F5 BIG-IP Application Security Manager 10.0
Drupal Drupal 7.6
Drupal Drupal 7.5
Drupal Drupal 7.4
Drupal Drupal 7.3
Drupal Drupal 7.2
Drupal Drupal 7.1
Drupal Drupal 7.0 Dev
Drupal Drupal 7.0 Alpha7
Drupal Drupal 7.0 Alpha6
Drupal Drupal 7.0 Alpha5
Drupal Drupal 7.0 Alpha4
Drupal Drupal 7.0 Alpha3
Drupal Drupal 7.0 Alpha2
Drupal Drupal 7.0 Alpha1
Drupal Drupal 7.0
Drupal Drupal 6.x-1.12
Drupal Drupal 6.9
Drupal Drupal 6.8
Drupal Drupal 6.7
Drupal Drupal 6.6
Drupal Drupal 6.5
Drupal Drupal 6.4
Drupal Drupal 6.3
Drupal Drupal 6.22
Drupal Drupal 6.22
Drupal Drupal 6.21
Drupal Drupal 6.21
Drupal Drupal 6.2
Drupal Drupal 6.18
Drupal Drupal 6.17
Drupal Drupal 6.16
Drupal Drupal 6.15
Drupal Drupal 6.15
Drupal Drupal 6.14
Drupal Drupal 6.13
Drupal Drupal 6.12
Drupal Drupal 6.11
Drupal Drupal 6.10
Drupal Drupal 6.1
Drupal Drupal 6.0 Rc4
Drupal Drupal 6.0 Rc3
Drupal Drupal 6.0 Rc2
Drupal Drupal 6.0 Rc1
Drupal Drupal 6.0 Dev
Drupal Drupal 6.0 Beta4
Drupal Drupal 6.0 Beta3
Drupal Drupal 6.0 Beta2
Drupal Drupal 6.0 Beta1
Drupal Drupal 6.0
Debian Linux 6.0 sparc
Debian Linux 6.0 s/390
Debian Linux 6.0 powerpc
Debian Linux 6.0 mips
Debian Linux 6.0 ia-64
Debian Linux 6.0 ia-32
Debian Linux 6.0 arm
Debian Linux 6.0 amd64
Avaya Voice Portal 5.1.2
Avaya Voice Portal 5.1.1
Avaya Voice Portal 5.1 SP1
Avaya Voice Portal 5.1
Avaya Voice Portal 5.0 SP2
Avaya Voice Portal 5.0 SP1
Avaya Voice Portal 5.0
Avaya IP Office Application Server 8.0
Avaya IP Office Application Server 7.0
Avaya IP Office Application Server 6.1
Avaya IP Office Application Server 6.0
Avaya Aura SIP Enablement Services 5.2.1
Avaya Aura SIP Enablement Services 5.2
Avaya Aura SIP Enablement Services 5.1
Avaya Aura SIP Enablement Services 5.0
Avaya Aura SIP Enablement Services 4.0
Avaya Aura Session Manager 5.2
Avaya Aura Session Manager 1.1
Avaya Aura Messaging 6.0.1
Avaya Aura Messaging 6.0
Avaya Aura Experience Portal 6.0
Avaya Aura Communication Manager Utility Services 6.2
Avaya Aura Communication Manager Utility Services 6.1
+ Avaya Communication Manager Server DEFINITY Server SI/CS
+ Avaya Communication Manager Server S8100
+ Avaya Communication Manager Server S8300
+ Avaya Communication Manager Server S8500
+ Avaya Communication Manager Server S8700
Avaya Aura Communication Manager Utility Services 6.0
Avaya Aura Communication Manager 6.0.1
+ Avaya Communication Manager Server DEFINITY Server SI/CS
+ Avaya Communication Manager Server S8100
+ Avaya Communication Manager Server S8300
+ Avaya Communication Manager Server S8500
+ Avaya Communication Manager Server S8700
Avaya Aura Communication Manager 6.0
Avaya Aura Communication Manager 5.2
Avaya Aura Communication Manager 5.1
Avaya Aura Communication Manager 4.0
Avaya Aura Communication Manager 4.0
Avaya Aura Application Enablement Services 5.2.1
Avaya Aura Application Enablement Services 6.1.1
Avaya Aura Application Enablement Services 6.1
Avaya Aura Application Enablement Services 5.2.3
Avaya Aura Application Enablement Services 5.2.2
Avaya Aura Application Enablement Services 5.2
Apple Mac Os X Server 10.7.3
Apple Mac Os X Server 10.7.2
Apple Mac Os X Server 10.7.1
Apple Mac Os X Server 10.7
Apple Mac Os X 10.7.3
Apple Mac Os X 10.7.2
Apple Mac Os X 10.7.1
Not Vulnerable: PHP PHP 5.3.9
HP HP-UX Web Server Suite 3.22
Apple Mac Os X Server 10.7.4
Apple Mac Os X 10.7.4


 

Privacy Statement
Copyright 2010, SecurityFocus